Laden...
Good afternoon from Crete,
my mailbox exploded this afternoon with emails from the Java Champion Group about the new Log4J vulnerability exposed a few days ago here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228
Basically, if you use certain versions of Log4J in your system, and happen to log anything that the user might enter, then hackers might be able to execute code on your system and thus take control of your server.
My friends Martijn Verburg and Bruno Borges have written a more detailed explanation of what this is all about, how to fix it, etc.:
https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Sebastian Daschner also wrote about it in his newsletter:
https://www.sebastian-daschner.com/news/issues/055
Good luck - and make sure to restart your minecraft server. It should update itself when you do.
Kind regards
Heinz
If you no longer wish to receive our emails, click the link below:
https://iw127.infusionsoft.com/app/optOut/8/a6ca3d5100f0d052/11427108/39b7f2af344fe17f
Cretesoft Limited 77 Strovolos Ave Strovolos, Lefkosia 2018 Cyprus
Laden...
Laden...
